exposedTo-invalid-origins.https.html

Enable keyboard shortcuts

This test has a WPT meta file that expects 1 subtest issues.
This WPT test may be referenced by the following Test IDs:
- /webmcp/imperative/exposedTo-invalid-origins.https.html - WPT Dashboard Interop Dashboard

<!DOCTYPE html>

<html>

<head>

<title>Invalid origins in exposedTo array</title>

<link rel="author" href="mailto:dom@chromium.org">

<script src="/resources/testharness.js"></script>

<script src="/resources/testharnessreport.js"></script>

</head>

<body>

<script>

promise_test(async t => {

  const invalid_origins = [

    '/',

    '*',

    'https://example:bogus',

    'https://\ud800.com',

    'http://example.com',

    'ftp://example.com',

    'chrome-extension://foobar',

];

  for (const origin of invalid_origins) {

    assert_throws_dom('SecurityError', () => {

      navigator.modelContext.registerTool({

        name: 'test_tool_' + Math.random(),

        description: 'Test tool',

        execute: async () => 'hello'

      }, { exposedTo: [origin] });

    }, `Should throw SecurityError for origin: ${origin}`);

}, 'registerTool() throws SecurityError for invalid or non-HTTPS origins in exposedTo');

</script>

</body>

</html>